initial mattermost uds package

defenseunicorns · Jan 24, 2024 · 8e4b7c7 · 8e4b7c7
1 parent c8f1bc6
commit 8e4b7c7
Show file tree

Hide file tree

Showing 40 changed files with 1,149 additions and 0 deletions.
diff --git a/.github/actions/save-logs/action.yaml b/.github/actions/save-logs/action.yaml
@@ -0,0 +1,18 @@
+name: save-logs
+description: "Save debug logs"
+
+runs:
+  using: composite
+  steps:
+    - name: Fix log permissions
+      run: |
+        sudo chown $USER /tmp/zarf-*.log || echo ""
+        sudo chown $USER /tmp/uds-*.log || echo ""
+      shell: bash
+
+    - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
+      with:
+        name: debug-log
+        path: |
+          /tmp/zarf-*.log
+          /tmp/uds-*.log
diff --git a/.github/actions/setup/action.yaml b/.github/actions/setup/action.yaml
@@ -0,0 +1,30 @@
+# action.yml
+name: "Setup Environment"
+description: "UDS Environment Setup"
+
+runs:
+  using: "composite"
+  steps:
+    - name: Install Zarf
+      uses: defenseunicorns/setup-zarf@main
+      with:
+        # renovate: datasource=github-tags depName=defenseunicorns/zarf versioning=semver
+        version: v0.32.1
+        download-init-package: true
+
+    - name: Use Node.js latest
+      uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0
+      with:
+        node-version: 20
+
+    - name: Install k3d
+      shell: bash
+      run: curl -s https://raw.githubusercontent.com/k3d-io/k3d/main/install.sh | TAG=v5.6.0 bash
+
+    - name: Set up Homebrew
+      uses: Homebrew/actions/setup-homebrew@master
+
+    - name: Install UDS CLI
+      shell: bash
+      # renovate: datasource=github-tags depName=defenseunicorns/uds-cli versioning=semver
+      run: brew install defenseunicorns/tap/uds@0.5.3
diff --git a/.github/workflows/commitlint.yaml b/.github/workflows/commitlint.yaml
@@ -0,0 +1,28 @@
+name: Metadata
+
+on:
+  pull_request:
+    branches: [main]
+    types: [opened, edited, synchronize]
+
+jobs:
+  title_check:
+    runs-on: ubuntu-latest
+    name: Validate PR Title
+    permissions:
+      pull-requests: read
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        with:
+          fetch-depth: 0
+
+      - name: Setup Node.js
+        uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0
+
+      - name: Install commitlint
+        run: npm install --save-dev @commitlint/{config-conventional,cli}
+
+      - name: Lint PR title
+        run: echo "${{ github.event.pull_request.title }}" | npx commitlint
diff --git a/.github/workflows/pull-request-conditionals.yaml b/.github/workflows/pull-request-conditionals.yaml
@@ -0,0 +1,30 @@
+name: Conditionals
+
+# This workflow is triggered on pull requests to the main branch.
+on:
+  pull_request:
+    paths:
+      - ".github/**"
+      - "bundle/**"
+      - "values/**"
+      - "tasks/**"
+      - "tests/**"
+      - "tasks.yaml"
+      - "zarf.yaml"
+
+# Permissions for the GITHUB_TOKEN used by the workflow.
+permissions:
+  id-token: write # Needed for OIDC-related operations.
+  contents: read # Allows reading the content of the repository.
+  pull-requests: read # Allows reading pull request metadata.
+
+# Default settings for all run commands in the workflow jobs.
+defaults:
+  run:
+    shell: bash -e -o pipefail {0} # Ensures that scripts fail on error and pipefail is set.
+
+jobs:
+  run-test:
+    name: Test
+    uses: ./.github/workflows/test.yaml
+    secrets: inherit
diff --git a/.github/workflows/tag-and-release.yaml b/.github/workflows/tag-and-release.yaml
@@ -0,0 +1,49 @@
+name: Publish UDS Package Mattermost
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  tag-new-version:
+    name: Tag New Version
+    permissions: write-all
+    runs-on: ubuntu-latest
+    outputs:
+      release_created: ${{ steps.release-flag.outputs.release_created }}
+    steps:
+      - name: Create release tag
+        id: tag
+        uses: google-github-actions/release-please-action@v4.0.1
+      - id: release-flag
+        run: echo "release_created=${{ steps.tag.outputs.release_created || false }}" >> $GITHUB_OUTPUT
+
+  publish-package:
+    needs: tag-new-version
+    if: ${{ needs.tag-new-version.outputs.release_created == 'true' }}
+    runs-on: ubuntu-latest
+    name: Publish package
+
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+
+      - name: Environment setup
+        uses: ./.github/actions/setup
+
+      - name: Iron Bank Login
+        run: zarf tools registry login -u "${{secrets.IRON_BANK_ROBOT_USERNAME}}" -p "${{secrets.IRON_BANK_ROBOT_PASSWORD}}" registry1.dso.mil
+
+      - name: Login to GHCR
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: dummy
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Publish Package
+        run: uds run -f tasks/publish.yaml package
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
@@ -0,0 +1,52 @@
+name: Test package
+
+on:
+  # Manual trigger
+  workflow_dispatch:
+
+  # Triggered by pull-request-conditionals.yaml
+  workflow_call:
+
+# Abort prior jobs in the same workflow / PR
+concurrency:
+  group: test-${{ github.ref }}-${{ inputs.package }}
+  cancel-in-progress: true
+
+permissions:
+  contents: read
+
+jobs:
+  test:
+    runs-on: "uds-ubuntu-big-boy-16-core"
+    timeout-minutes: 20
+    name: Test
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+
+      - name: Environment setup
+        uses: ./.github/actions/setup
+
+      - name: Iron Bank Login
+        run: zarf tools registry login -u "${{secrets.IRON_BANK_ROBOT_USERNAME}}" -p "${{secrets.IRON_BANK_ROBOT_PASSWORD}}" registry1.dso.mil
+
+      - name: Create test bundle
+        run: uds run create-test-bundle
+
+      - name: Setup cluster
+        run: uds run setup-cluster
+
+      - name: Deploy test bundle
+        run: uds run deploy-test-bundle
+
+      - name: Test package
+        run: uds run test-package
+
+      - name: Cleanup
+        if: always()
+        run: uds run cleanup
+
+      - name: Save logs
+        if: always()
+        uses: ./.github/actions/save-logs
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,18 @@
+.cache/
+.idea/
+.vscode/
+build/
+.DS_Store
+*.tar.zst
+test/tf/public-ec2-instance/.tool-versions
+zarf-sbom
+
+# Terraform
+test/tf/public-ec2-instance/.test-data
+test/tf/public-ec2-instance/.terraform
+terraform.tfstate
+terraform.tfstate.backup
+.terraform.lock.hcl
+
+# SOPS stuff that should never be committed to the repo
+secret-sops-gpg.yaml
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -0,0 +1,53 @@
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.4.0
+    hooks:
+      - id: check-added-large-files
+        args: ["--maxkb=1024"]
+      - id: check-merge-conflict
+      - id: detect-aws-credentials
+        args:
+          - "--allow-missing-credentials"
+      - id: detect-private-key
+        exclude: |
+          (?x)^(
+            kustomizations/bigbang/environment-bb/values-bigbang.enc.yaml
+          )$
+      - id: end-of-file-fixer
+        exclude: "^kustomizations/bigbang/vendor/.*$"
+      - id: fix-byte-order-marker
+      - id: trailing-whitespace
+        exclude: "^kustomizations/bigbang/vendor/.*$"
+        args: [--markdown-linebreak-ext=md]
+      - id: check-yaml
+        exclude: |
+          (?x)^(
+            charts/raw/templates/resources.yaml
+          )$
+        args:
+          - "--allow-multiple-documents"
+  - repo: https://github.com/sirosen/fix-smartquotes
+    rev: 0.2.0
+    hooks:
+      - id: fix-smartquotes
+  - repo: https://github.com/python-jsonschema/check-jsonschema
+    rev: 0.24.0
+    hooks:
+      - id: check-jsonschema
+        name: "Validate Zarf Configs Against Schema"
+        files: "zarf.yaml"
+        types: [yaml]
+        args:
+          [
+            "--schemafile",
+            "https://raw.githubusercontent.com/defenseunicorns/zarf/v0.29.1/zarf.schema.json",
+            "--no-cache"
+          ]
+  - repo: https://github.com/golangci/golangci-lint
+    rev: v1.52.3
+    hooks:
+      - id: golangci-lint
+  - repo: https://github.com/renovatebot/pre-commit-hooks
+    rev: 36.40.0
+    hooks:
+      - id: renovate-config-validator
diff --git a/.release-please-manifest.json b/.release-please-manifest.json
@@ -0,0 +1,3 @@
+{
+    ".": "9.3.0-uds.0"
+}
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -0,0 +1,62 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+## [0.1.7](https://github.com/defenseunicorns/uds-capability-mattermost-operator/compare/v0.1.6...v0.1.7) (2023-12-18)
+
+
+### Features
+
+* Expose full SSO config ([#22](https://github.com/defenseunicorns/uds-capability-mattermost-operator/issues/22)) ([74b0221](https://github.com/defenseunicorns/uds-capability-mattermost-operator/commit/74b0221bb2da50187792994c171176ee52839e79))
+
+## [0.1.6](https://github.com/defenseunicorns/uds-capability-mattermost-operator/compare/v0.1.5...v0.1.6) (2023-12-15)
+
+
+### Miscellaneous
+
+* Update mattermost to v9.2.3-bb.1 ([#20](https://github.com/defenseunicorns/uds-capability-mattermost-operator/issues/20)) ([03943a2](https://github.com/defenseunicorns/uds-capability-mattermost-operator/commit/03943a252152e374689646c6e18372639ca8901b))
+
+## [0.1.5](https://github.com/defenseunicorns/uds-capability-mattermost-operator/compare/v0.1.4...v0.1.5) (2023-12-11)
+
+
+### Features
+
+* expose volume and volume mounts ([#18](https://github.com/defenseunicorns/uds-capability-mattermost-operator/issues/18)) ([c06ae6a](https://github.com/defenseunicorns/uds-capability-mattermost-operator/commit/c06ae6a0f86aa944c15aa9ea59023b78870cc2cc))
+
+## [0.1.4](https://github.com/defenseunicorns/uds-capability-mattermost-operator/compare/v0.1.3...v0.1.4) (2023-12-09)
+
+
+### Features
+
+* Variablize file store endpoint ([#16](https://github.com/defenseunicorns/uds-capability-mattermost-operator/issues/16)) ([fe89c0c](https://github.com/defenseunicorns/uds-capability-mattermost-operator/commit/fe89c0c1bec6e67f25c0e72fef24c820b1639586))
+
+## [0.1.3](https://github.com/defenseunicorns/uds-capability-mattermost-operator/compare/v0.1.2...v0.1.3) (2023-12-07)
+
+
+### Features
+
+* Add configurable bucket suffix ([#15](https://github.com/defenseunicorns/uds-capability-mattermost-operator/issues/15)) ([d2e78e7](https://github.com/defenseunicorns/uds-capability-mattermost-operator/commit/d2e78e74e1969a2ae33ffc80a4a8613a3005e3ac))
+* add initial oscal component definition file. ([#13](https://github.com/defenseunicorns/uds-capability-mattermost-operator/issues/13)) ([44d78bc](https://github.com/defenseunicorns/uds-capability-mattermost-operator/commit/44d78bc7ef9ea7927624578d13c72cee028b7263))
+
+## [0.1.2](https://github.com/defenseunicorns/uds-capability-mattermost-operator/compare/v0.1.1...v0.1.2) (2023-12-01)
+
+
+### Miscellaneous
+
+* Sync dev deps with releases ([01b85a8](https://github.com/defenseunicorns/uds-capability-mattermost-operator/commit/01b85a8fcb8ee00cd3c9ac46140dbdb6b374aea5))
+
+## [0.1.1](https://github.com/defenseunicorns/uds-capability-mattermost-operator/compare/v0.1.0...v0.1.1) (2023-11-29)
+
+
+### Miscellaneous
+
+* initial release updates ([b5da656](https://github.com/defenseunicorns/uds-capability-mattermost-operator/commit/b5da656be61ed520634c9adaf45b26f268c8f9b3))
+* More release updates ([#11](https://github.com/defenseunicorns/uds-capability-mattermost-operator/issues/11)) ([87fcad9](https://github.com/defenseunicorns/uds-capability-mattermost-operator/commit/87fcad970bcd772e08cec286ee3ff42c5aeec432))
+
+## [0.0.0] - 2023-08-42
+PRE RELEASE
+
+### Added
+- Initial CHANGELOG.md
+- CONTRIBUTING.md
+- CODEOWNERS
diff --git a/CODEOWNERS b/CODEOWNERS
@@ -0,0 +1 @@
+/* @defenseunicorns/uds
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -0,0 +1,27 @@
+# Welcome to the Matter Operator UDS Capability
+
+Thank you for your interest in this Defense Unicorns UDS Capability!
+
+This document describes the process and requirements for contributing to this UDS Capability.
+
+## Developer Experience
+
+Continuous Delivery is core to our development philosophy. Check out [https://minimumcd.org](https://minimumcd.org) for a good baseline agreement on what that means.
+
+Specifically:
+
+* We do trunk-based development (main) with short-lived feature branches that originate from the trunk, get merged into the trunk, and are deleted after the merge
+* We don't merge code into main that isn't releasable
+* We perform automated testing on all changes before they get merged to main
+* Continuous integration (CI) pipeline tests are definitive
+* We create immutable release artifacts
+
+## Definition of Done
+
+We apply these general principles to all User Stories and activities contributing to the UDS SWF.
+
+* Automated continuous integration (CI) pipeline tests pass
+* CI pipeline tests have been updated to meet system changes
+* Changes are peer reviewed
+* Acceptance criteria is met
+* Documentation is updated to reflect what changed